Home >  News  >  Money & Shopping > Banking
Top Product Ratings:  TVs  |  Digital Cameras  |  Washing Machines  |  Vacuum Cleaners  |  GPS  |  SUVs  |  Car Seats  |  Strollers
| More
Banking
PINs in peril: Hackers breached 285 million e-records in '08, report finds
Jun 8, 2009 10:44 AM

A recently released report on data breaches indicates that organized crime has fueled a big increase in the hacking of records of banks and other financial service providers. The report says thieves are becoming increasingly successful at stealing PIN numbers that allow them to drain cash from cardholders’ checking, savings or brokerage accounts.

The 2009 Data Breach Investigations Report is based on firsthand evidence collected during breach investigations conducted by Verizon Business.  A total of 285 million electronic records were breached in 2008—more than the previous four years combined—with banks and brokerages accounting for 93 percent of the compromised records.  “Financial services firms were singled out and fell victim to some very determined, very sophisticated and—unfortunately--very successful attacks,” the report notes.

Organized crime has developed new tools for hacking computer systems at banks, data processors and other links in the financial chain to steal what has become the Holy Grail for thieves:  PIN data on ATM and debit cards. Thieves no longer are very interested in stealing magnetic-stripe information from credit cards. Massive data breaches have increased the supply so dramatically that the black market price has dropped from as much as $16 per stolen credit card record in mid-2007 to less than 50 cents now, Verizon investigators say.

“The big money is now in stealing personal identification number information together with associated credit and debit accounts,” the report states. “These PIN-based attacks hit the consumer much harder than typical signature-based counterfeit attacks.”  Indeed, as we have pointed out previously, not only do PIN-attacks allow thieves to quickly drain cash from your accounts, but recouping your losses is more challenging.  As the Verizon report puts it:  “PIN fraud typically places a larger share of the burden upon the consumer to prove that transactions are fraudulent. This makes recovery of lost assets more difficult than with standard credit-fraud charges,”

Some of the more sophisticated cybercriminal methods involve stealing PIN data en masse by hacking into computer systems used by financial service providers, which obviously are beyond consumers’ control. Nevertheless, there are steps you can take to protect yourself:

•Never respond to phone or e-mail requests for your user name, PIN or other account information, even if the inquiry appears to come from your bank or broker.

•Supply account details only when the contact is initiated by you, using the contact information listed on your account statement. 

•Check your account online regularly to quickly spot any unauthorized withdrawals.  

•Protect yourself against debit-card skimmers by following our advice.—Andrea Rock

More About: Banking | Money & Shopping | All Money News

Post a comment

Comments:

2
Expand All
Collapse All

Featured Stories

Previous
Next

Nobody Tests Like We Do

Our testers put 100s of products through their paces at our National Testing and Research Center. Learn more about how we test for:

  • Performance
  • Safety
  • Reliability
Watch video

Money News Categories